tomcat-users mailing list archives

Just for the record:
many thanks for Martin for helping me off-list. My problem was that I
had not added the AprLifecycleListener to server.xml.
Lesson learned: do not copy over configuration files from Tomcat 5.5 to
Tomcat 6 but start with the new ones from Tomcat 6 and insert the
appropriate directives.
Markus
Markus Meyer schrieb:
> Hi,
>
> I have a Debian machine where previously, Tomcat 5.5 was installed
> (using the Tomcat 5.5 Debian package). "uname -a" returns:
>
> Linux server02 2.6.26-2-amd64 #1 SMP Sun Jul 26 20:35:48 UTC 2009 x86_64
> GNU/Linux
>
> Now, for some reason I installed Tomcat 6 by using the binary
> distribution of Tomcat 6.0.20 downloadable from the website (because
> there's no Debian package for Tomcat 6 yet). I copied over the
> configuration files: logging.properties, server.xml, tomcat-users.xml
> and everything works fine except SSL.
>
> The server listens on port 80 for HTTP requests and on port 443 for
> HTTPS requests. With the exact same configuration and certificate file,
> SSL works with Tomcat 5.5 but not with Tomcat 6. Everything else works
> without any flaws.
>
> When I try to access the server using "https://myserver.com/" in
> firefox, the error code "ssl_error_rx_record_too_long" appears. However,
> no errors are logged at all, although I set everything to ALL in the
> logging.properties file.
>
> I even converted the PKCS12 certificate I use to JKS format but although
> keytool shows the certificate just fine, using the JKS keystore has the
> same effect.
>
> I use the following connector settings in /opt/tomcat6/conf/server.xml:
>
> <Connector
> port="443"
>
> scheme="https"
> secure="true"
> clientAuth="false"
>
> sslProtocol="TLS"
>
> keystoreFile="/opt/tomcat6/conf/cert.p12"
> keystorePass="*************"
> keystoreType="pkcs12"
>
> maxHttpHeaderSize="8192"
> maxThreads="150"
> minSpareThreads="25"
> maxSpareThreads="75"
> enableLookups="false"
> connectionTimeout="20000"
> disableUploadTimeout="true"
> acceptCount="100"
> />
>
> Tomcat is run as root (for now at least), so permission problems should
> not occur. Of course /opt/tomcat6/conf/cert.p12 exists and is a valid
> certificate.
>
> I would be extremely grateful if someone has an idea on how I could
> attempt to debug this strange problem.
>
> Thanks in advance!
>
> Best regards
> Markus
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org